Design/Logic Flaw

2020-12-3000:15:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.0%

JSON

Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and GS116Ev2 before 2.6.0.48.

CPENameOperatorVersion
gs116e_firmwarelt2.6.0.48
jgs516pe_firmwarelt2.6.0.48
jgs524e_firmwarelt2.6.0.48
jgs524pe_firmwarelt2.6.0.48

Name	Operator	Version
gs116e_firmware	lt	2.6.0.48
jgs516pe_firmware	lt	2.6.0.48
jgs524e_firmware	lt	2.6.0.48
jgs524pe_firmware	lt	2.6.0.48

References

kb.netgear.com/000062638/Security-Advisory-for-Missing-Function-Level-Access-Control-on-Some-Smart-Managed-Plus-Switches-PSV-2020-0396